package com.nk.web;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.nk.domain.*;
import com.nk.service.EmployeeService;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.method.HandlerMethod;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
import java.util.logging.Handler;

@Controller
public class EmployeeController {

    @RequestMapping("employeeList")
    @ResponseBody
    public PageListRes employeeList(QueryVo vo){
        PageListRes employeeList = employeeService.getEmployeeList(vo);
        return employeeList;
    }

    @Autowired
    private EmployeeService employeeService;

    @RequestMapping("employee")
    @RequiresPermissions("employee:index")
    public String employeeClick(){
        return "employee";
    }

    @RequestMapping("saveEmployee")
    @ResponseBody
    public AjaxRes saveEmployee(Employee employee){
        //默认添加的用户状态为在职
        employee.setState(true);
        System.out.println(employee);
        AjaxRes ajaxRes = new AjaxRes();
        try {
            // 散列加密密码,以用户名加盐
            employee.setPassword( new Md5Hash(employee.getPassword(),employee.getUsername(),2).toString());
            employeeService.saveEmployee(employee);
            ajaxRes.setSuccess(true);
            ajaxRes.setMessage("添加成功");
        }catch (Exception e){
            ajaxRes.setSuccess(false);
            ajaxRes.setMessage("添加失败");
        }

        return ajaxRes;
    }

    @RequestMapping("updateEmployee")
    @ResponseBody
    public AjaxRes updateEmployee(Employee employee){
        System.out.println(employee);
        AjaxRes ajaxRes = new AjaxRes();
        try {
            employeeService.updateEmployee(employee);
            ajaxRes.setSuccess(true);
            ajaxRes.setMessage("修改成功");
        }catch (Exception e){
            ajaxRes.setSuccess(false);
            ajaxRes.setMessage("修改失败");
        }
       return ajaxRes;
    }

    @RequestMapping("employeeUpdateState")
    @ResponseBody
    public AjaxRes employeeUpdateState(long id){
//        System.out.println(id);
        AjaxRes ajaxRes = new AjaxRes();
        try {
            employeeService.employeeUpdateState(id);
            ajaxRes.setSuccess(true);
            ajaxRes.setMessage("修改成功");
        }catch (Exception e){
            ajaxRes.setSuccess(false);
            ajaxRes.setMessage("修改失败");
        }
        return ajaxRes;
    }

    // 处理没有权限的异常
    @ExceptionHandler(AuthorizationException.class)
    public void handleShiroException(HandlerMethod method,
                                     HttpServletResponse response) throws Exception {

        // 通过获取该方法是否有ResponseBody注解，判断是否是ajax请求
        ResponseBody annotation = method.getMethodAnnotation(ResponseBody.class);
        if (annotation != null){
            response.setCharacterEncoding("utf-8");
            AjaxRes ajaxRes = new AjaxRes();
            ajaxRes.setSuccess(false);
            ajaxRes.setMessage("你没有权限操作");
            response.getWriter().print(new ObjectMapper().writeValueAsString(ajaxRes));
        }else {
            // 跳转到提示没有权限的页面
            response.sendRedirect("nopromission.jsp");
        }
    }
}

